Methods and systems for controlling access to relationship information in a social network

ABSTRACT

Systems and methods for controlling access to relationship information in a social network are described. One described method comprises receiving a request from an observer for relationship information indicating at least a first relationship between a target in a social network and a second entity in the social network, identifying at least a first privacy rule for the first relationship, and outputting at least part of the relationship information to the observer if the first privacy rule is satisfied.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.13/085,467, filed Apr. 12, 2011, entitled “Methods and Systems forControlling Access to Relationship Information in a Social Network,”which is a continuation of U.S. Pat. No. 7,949,611, filed May 5, 2010,entitled “Controlling Access to Profile Information in a SocialNetwork,” which is a continuation of U.S. Pat. No. 7,716,140, filed Dec.31, 2004, entitled “Methods and Systems for Controlling Access toRelationship Information in a Social Network,” each of which are herebyincorporated by this reference.

FIELD OF THE INVENTION

The invention generally relates to social networks. More particularly,the invention relates to systems and methods for controlling access torelationship information in a social network.

BACKGROUND

Conventional social networks provide their members with the ability toform relationships with other members of the social network. Oncemembers form relationships with each other, they often can view more ofeach other's profile information, including such information as a name,pictures, interests, etc. Additionally, members of the social networkcan typically view an interface showing the members with which aparticular member has relationships. Some social networks allow membersto share expanded profile information with their network friends andfriends of those friends. Such social networks do not, however,effectively control access to relationship information, such asinformation indicating the existence and type of relationships betweensocial network members.

SUMMARY

One embodiment of the present invention provides a method forcontrolling access to relationship information in a social network. Forexample, one such method includes receiving a request from an observerfor relationship information indicating a relationship between onemember of a social network and another entity in the social network,identifying a privacy rule for the relationship between the member andthe entity, and outputting at least part of the relationship informationto the observer if the privacy rule is satisfied. The privacy rule maybe identified, for example, by accessing a privacy rule received fromthe member of the social network prior to the request.

This illustrative embodiment is mentioned not to limit or define theinvention, but to provide one example of an embodiment of the inventionto aid understanding thereof. Illustrative embodiments are discussed inthe Detailed Description, and further description of the invention isprovided there. Advantages offered by the various embodiments of thepresent invention may be further understood by examining thisspecification.

BRIEF DESCRIPTION OF THE DRAWINGS

These and other features, aspects, and advantages of the presentinvention are better understood when the following Detailed Descriptionis read with reference to the accompanying drawings, wherein:

FIG. 1 illustrates a method in accordance with one embodiment of thepresent invention and an illustrative environment for carrying out themethod;

FIG. 2 illustrates a diagram of an illustrative social network inaccordance with one embodiment of the present invention;

FIG. 3 illustrates an illustrative user interface in accordance with oneembodiment of the present invention;

FIG. 4 illustrates an illustrative social network structure for thesocial network illustrated in FIG. 2;

FIG. 5 illustrates another illustrative user interface in accordancewith one embodiment of the present invention; and

FIG. 6 illustrates a diagram of an illustrative system in accordancewith one embodiment of the present invention.

DETAILED DESCRIPTION Introduction

Embodiments of the present invention comprise methods and systems forcontrolling access to relationship information in a social network.There are multiple embodiments of the present invention. By way ofintroduction and example, one illustrative embodiment of the presentinvention provides a method for allowing a member of a social network tocontrol which of the member's relationships are visible to other membersof the social network. For example, within a social network, a membermay have a group of co-workers and a group of dating friends. The membermay not want the member's co-workers to be able to discover who themember is dating by accessing the social network. Certain embodiments ofthe present invention allow the member to limit the members of thesocial network who can view with whom the member has relationships andto limit the information about the relationship that is available (e.g.,the type of relationship). The control of relationship information maybe accomplished, for example, by allowing the member who wishes to limitsuch information to designate privacy rules for the member'srelationships. Such control may also be accomplished, for example, byallowing social network members to establish groups of relationships andindicate privacy rules for the groups. The privacy rules may indicatecriteria for accessing profile or relationship information within thesocial network. For example, a member of the social network can create aprivacy rule or rules indicating that dating friends can see a displayindicating the member's co-workers, but that co-workers cannot see adisplay indicating the dating friends of the member. Thus, certainembodiments of the present invention facilitate the protection of themember's privacy, not only for profile information, but for relationshipinformation as well.

This introduction is given to introduce the reader to the generalsubject matter of the application. By no means is the invention limitedto such subject matter. Illustrative embodiments are described below.

Processes

FIG. 1 shows an illustrative method 100 for controlling access torelationship information within a social network. A social network canrefer to a computer network connecting entities, such as people ororganizations, by a set of social relationships, such as friendship,co-working, or information exchange. Of course, a social network canalso refer to a computer application or data connecting such entities bysuch social relationships. Social networks are discussed further below.

The first section below, entitled “Brief Overview of an IllustrativeMethod,” provides a brief overview of the illustrative method 100 withreference to FIG. 1. Then, in the sections following the first section,the various blocks in FIG. 1 will be described in more detail withreferences to FIGS. 1 through 5. Finally, illustrative systemarchitectures that may be used in carrying out methods according to thepresent invention are described with reference to FIG. 6.

Brief Overview of an Illustrative Method

FIG. 1 shows an illustrative environment 180, 188 that may be used toperform that which is shown in each block shown in the method 100. FIG.1 depicts a social network engine 180 that includes a relationshipprocessor 182, a privacy module 184, and a display processor 186 thathas access to a social network database 188. These system componentsmaking up the social network engine 180 comprise computer processorshaving access to code for carrying out the methods described. The systemcomponents shown in FIG. 1 are mentioned only briefly here, and aredescribed in further detail below with reference to FIG. 6. To aid inunderstanding, the system component in the illustrative social networkengine 180 shown in FIG. 1 is shown above the blocks in the method 100that the component is responsible for facilitating.

According to the illustrative method 100, the relationship processor 182receives a request from a member of a social network seekingrelationship information of another member of the social network (block102). For convenience, the member requesting the relationshipinformation will be referred to as the “observer” or “requestingmember,” and the profile of the member for whom relationship informationis requested will be referred to as the “target” profile (and the memberas the “target” member). For example, the observer may transmit arequest seeking a display showing members of the social network that thetarget member classifies as “friends.” After receiving the request, therelationship processor 182 identifies all relevant relationships betweenthe target and other entities in the social network, includingrelationships with the observer, if any (block 103). These relevantrelationships may be identified, for example, by accessing a databasecontaining a list or table of relationships and their types for thetarget member. The entities in the social network may include, forexample, other members, other profiles, or communities within the socialnetwork.

After identifying the relevant relationships of the target profile, theprivacy rule module 184 identifies a privacy rule for each of therelationships (block 104). The privacy rule for a relationship definesthose that have permission to access information about the relationship.The privacy rule for a relationship may also indicate conditions fordisplaying profile information. Such privacy rules may have beenpreviously specified, for example, by the target member. The privacyrule may be, for example, that “best friends” can know of therelationship and its type, “friends” can know of the relationship butnot its type, and others cannot know of either the relationship or itstype. Additionally, a privacy rule may allow a member to keepinformation regarding which communities the member is a part ofconfidential.

Once the privacy rules for the relevant relationships are identified,the privacy rule module 184 determines whether the requesting member ofthe social network satisfies the privacy rules 106. For the privacyrules that are satisfied, a display processor 186 outputs appropriaterelationship information and user data as determined by the privacy rule108. To output profile information, the display processor 186 mayretrieve user data referenced by the privacy rule from a social networkdatabase 188. If the privacy rule is not satisfied for a relationship,the observer (i.e., the requester) is denied access to the requestedrelationship information.

With this overview in place, the illustrative method 100 will now bedescribed in further detail. FIGS. 1 through 6 are referenced throughoutthe following description to help explain the various components of theillustrative method 100. The section below entitled “Receiving a Requestfor Relationship Information” amplifies on block 102 of FIG. 1. The nextsection, entitled “Illustrative Social Networks,” discusses illustrativesocial network environments. The following sections, “IdentifyingRelationships” and “Identifying Privacy Rules,” amplify on blocks 103and 104 of FIG. 1, respectively. The section entitled “IdentifyingPrivacy Rules” includes a section entitled “Illustrative Privacy Rules”that provides examples of various privacy rules. Next, a sectionentitled “Identifying Whether the Privacy Rule is Satisfied” amplifieson block 106 of FIG. 1. Then, sections entitled “Outputting RelationshipInformation,” “Privacy Rules for Profile Information,” and “DenyingAccess to Relationship and Profile Information” amplify on blocks 108and 110 of FIG. 1. Finally, illustrative system environments that may beused in association with the present invention are discussed.

Receiving a Request for Relationship Information

The illustrative method 100 shown in FIG. 1 begins in block 102 wherethe relationship processor 182 receives a request for relationshipinformation. The relationship information may include data indicating anexistence of a relationship between any two entities in the socialnetwork such as a relationship between two members, between a member anda community, or between two communities. In addition to indicating theexistence of a relationship, the relationship information may furtherindicate a type of a relationship, a weight of a relationship, a levelof a relationship, when a relationship was formed, or another suitableaspect of a relationship.

There are various ways a request for relationship information can bereceived. In one embodiment, the social network engine 180 receives arequest for relationship information when the observer is logged into asocial network and clicks on an icon representing the target member ofthe social network. For example, an observer O within a social network200, as illustrated in FIG. 2, may desire to view relationshipinformation associated with a target T. The target T has relationshipswith members M₁, M₂, and M₃. The observer O may request relationshipinformation for the target T by using a user interface, such as the userinterface 300 illustrated in FIG. 3. According to one embodiment, therelationship information can be requested by an agent of observer O thathas permission to access information on behalf of the observer O.

The user interface 300 illustrated in FIG. 3 is a web page and includesa member icon 302 along with profile data 320 and a member networkdisplay 304. The member network display 304 can show icons for eachentity that has a relationship with the member whose icon 302 andprofile data 320 are being displayed. For example, for the socialnetwork 200, if the member icon 302 represents the observer O, then themember network display 304 can include icons 306 and 308 representingprofiles for target T and member M₄. The observer may requestrelationship information about the target T by selecting the icon 306,for example. The relationship processor 182 receives this request andproceeds to identify all relationships for the target T as illustratedin block 103.

Illustrative Social Network

To better explain how the relationship processor 182 identifies therelationships for a target profile, it is helpful to discuss the socialnetwork 200 illustrated in FIG. 2 in more detail. As mentioned above,the illustrative social network 200 illustrated in FIG. 2 comprises userprofiles M₁-M₅, target profile T and observer profile O represented byvertices in a data graph. The types of relationships illustrated in FIG.2 include co-worker relationships, friendship relationships, and datingrelationships and are represented by differing types of edges betweenthe vertices representing the profiles M₁-M₅, target T and observer O.For example, a friendship relationship from observer O to target T isrepresented by a solid edge extending from the vertex representing theobserver O to the target T; and a co-worker relationship between theobserver O and the target T is represented by a dotted edge from thevertex representing observer O to the vertex representing target T.

The co-worker, friendship, and dating relationships may be eitherdirected relationships or undirected (also known as bi-directional)relationships. Directed relationships indicate which profile originateda relationship and allow for non-symmetrical relationships betweenprofiles. For example, directed relationship can permit a first memberto indicate that a second member of the social network is a best friend,and the second member to indicate only an acquaintance relationship withthe first member. Directed relationship can be represented in a datagraph with one way directed edges between profiles. For example, in thesocial network 200, there is a directed relationship from member M₅ tothe member M₄ which the member M₄ has not reciprocated. Thus, there isnot a relationship extending from member M₄ back to member M₅. Themember M₄ may not have reciprocated the relationship because the memberM₄ has not logged on to the social network since the member M₅established the relationship, or because member M₄ does not desire toindicate a relationship with the member M₅. Directed relationships canoffer more control to members of a social network for creating andaccepting relationships with another member because each party to therelationship can agree that the relationship exists.

Undirected (or bi-directional) relationships can indicate a relationshipbetween members of the social network without distinguishing a directionfor the relationship or an indication of who created the relationship.Such relationships may not require reciprocation in order to be formed.For example, if a first member indicates a relationship with a secondmember of the social network in a model using only undirectedrelationships, a relationship as indicated by the first member may becreated between the first member and the second member without the needfor the second member to reciprocate or indicate a relationship with thefirst member.

The relationships illustrated in FIG. 2 may be of varying types, weightsand levels. For example, the friendship relationship from the target Tto member M₂ can be a “best friend” level of friendship relationshipwhereas the friendship relationship between member M₂ and M₄ may only bean “acquaintance” level of friendship relationship. Within a given levelof relationship, a weight may also be indicated. A weight ofrelationship can distinguish between relationships of a similar type andlevel. For example, a user may weight one best friend relationshiphigher than another best friend relationship.

Additionally, within a social network, a degree of separation betweentwo profiles can be determined by identifying the fewest number of edgesseparating the two profiles. The path found by the fewest number ofedges separating two related profiles can be referred to as a shortestpath. For example, in the social network 200, the shortest path fromobserver O to member M₄ may comprise the friendship relationshipdirectly from the observer O to the member M₄ instead of the longer pathby way of target T and member M₂, for example. According to oneembodiment, a degree of separation may be determined by use of aweighting factor assigned to each relationship. For example, closefriendships may be weighted higher than acquaintances. A degree ofseparation for weighted relationships may be inversely proportionate tothe weight of the relationships, so that a path between more heavilyweighted relationships would have a lower degree of separation than apath between less heavily weighted relationships.

Within a social network, members may use privacy rules to control accessto relationship and profile information. The privacy rules may be basedon any suitable attribute of a relationship including a weight of arelationship, level of a relationship, type of a relationship, or degreeof separation. To facilitate such privacy rules the social networkengine 180 may maintain relationship information in a form representedby the data graph illustrated in FIG. 4. The graph illustrated in FIG. 4facilitates privacy rules based on different weights and types ofrelationships by indicating each type and weight of relationship with a“group” vertex that is associated with the profiles comprising therelationship. The group vertex appears in the data graph between oneentity in the social network and other entities that are members of thegroup. For convenience, the group vertices will be symbolicallyrepresented g_(x)(N) where x designates the type of group and Ndesignates the profile creating the group. For example, in FIG. 4,target T has three groups: g_(f)(T) representing the group of the targetT's friends; group g_(c)(T) representing the group of the target T'sco-workers; and group g_(d)(T) representing the group of the target T'sdating relationships. While the vertices in FIG. 4 are described asrepresenting member profiles, the methods described work equally wellwith other social network entities such as communities, events oragents. Communities within a social network can comprises groups ofentities that facilitate sharing information such as common interests,activities, etc. Events within a social network can comprise, forexample calendar events that can be associated with attendees andprovide event information. Agents in a social network can compriseentities that have permission to access information on behalf of anothersocial network entity.

The data graph structure illustrated in FIG. 4 allows all relationshipsto be represented with a single type of edge. Differing types ofrelationship edges are not required since the group vertices distinguishwhat type, level, and weight of relationship exists between relatedentities. For example, the data graph illustrated in FIG. 4 representsthe same social network 200 illustrated in FIG. 2, but instead ofrequiring differing types of edges between profile vertices, such as thefriendship edges, co-worker edges, etc., the data graph in FIG. 4 uses asinge type of edge and represents types and weights of relationshipswith group vertices. For example, Target T in FIG. 2 has three types ofrelationships with other profiles. A co-worker relationship with memberM₁, a friendship relationship with member M₂ and observer O, and adating relationship with member M₃ and the observer O. In the data graphstructure illustrated in FIG. 4, these types of relationships areillustrated by the three groups g_(f)(T), g_(c)(T) and g_(d)(T), whichare connected to each profile who is a member of each respective group.Thus the group g_(f)(T) is connected to member M₂ and observer O, groupg_(c)(T) is connected to the member M₁, and group g_(d)(T) is connectedto member M₃ and the observer O.

The group vertices illustrated in FIG. 4 are connected by a first edgeextending to the group vertex from the profile that created the groupand by a second edge from the group vertex to another group vertex or toa social network entity that is a member of the group. For example, theco-worker relationship between target T and observer O includes a firstedge to the group g_(c)(T) and a second edge from the group g_(c)(T) toobserver O. According to the data graph structure illustrated in FIG. 4,social network entities are connected to other social network entitiesthrough at least one group vertex.

Groups may also be connected to other groups. Connections between groupsindicate whether members of one group have permission to accessinformation from members of another group. According to one embodiment,the connections between groups and profiles, and between two groups aredirected relationships. For example, target T's dating group g_(d)(T)has a one-way relationship connecting it to the co-worker group g_(c)(T)representing that members of target T's dating group can view members oftarget T's co-worker group. The absence of a connection from theco-worker group g_(c)(T) to the dating group g_(d)(T) represents, thatmembers of target T's co-worker group cannot view members of target T'sdating group.

The illustrative social network 200 as depicted in FIG. 4 will be usedbelow to further discuss blocks 103-106 of the illustrative method 100.While each of the entities illustrated in FIG. 4 represents a memberprofile, it should be understood that the methods discussed inconnection with FIG. 4 work equally well with other social networkentities such as communities, etc.

Identifying Relationships

Returning now to block 103, the relationship processor 182 identifiesall relationships for the target T. According to one embodiment, aspecified degree of separation can be used to limit the number ofrelationships that will be identified. For example, it can be determinedthat only relationships up to two degrees of separation are of interest,and in block 103 relationships that are two degrees or less from thetarget T will be identified. For purposes of example, all first degreerelationships for the target T in the social network 200 as show in FIG.4 are listed below:T→g _(f)(T)→O  1.T→g _(f)(T)→M ₂  2.T→g _(c)(T)→M ₁  3.T→g _(d)(T)→O  4.T→g _(d)(T)→M ₃  5.T→g _(d)(T)→g _(c)(T)→M ₁  6.

As seen above, in this illustrative embodiment, all relationshipsbetween social network entities will pass through a group vertex. Groupvertices can also be connected to other group vertices. For example inrelationship 6 above, the target T has a relationship with member M₁ byvirtue of the target T's dating group g_(d)(T) having an edge to thetarget T's co-worker group g_(c)(T). According to one embodiment,relationships may be identified in a breadth first search starting withthe target profile continuing for the specified degree of separation oruntil a branch of the search leads back to the target profile.

Identifying Privacy Rules

Once the relationships for the target T are identified, the socialnetwork engine 180 identifies a privacy rule for the relationship asillustrated in block 104 of FIG. 1. A privacy rule for a relationshipmay comprise any suitable access criteria that designate conditions forwhen relationship information may be accessed by other members of thesocial network. For each relationship, the group vertices forming therelationship can identify the privacy rules for that relationship. Forexample, in relationship 1 above between the target T and observer O,the group vertex containing the privacy rule for this relationship isthe group g_(f)(T). Privacy rules can indicate a minimum weight ofrelationship, a degree of separation, a type of relationship, or othersuitable criterion designating which members of the social network mayview the relationship information. For example, a privacy rule can beset up that would allow a member's co-worker to see other co-workers butnot allow the co-worker to see the member's dating relationships. Somespecific examples of privacy rules are discussed below.

Illustrative Privacy Rules

Illustrative types of privacy rules include 1) Private to user, 2)Neighbors in a group, 3) Two neighbors of a group, 4) Across twodifferent groups, 5) Across two different groups' two neighbors, and 6)Public. It should be understood that this is only a list of possibletypes of privacy rules and merely provides illustrative privacy rulesthat may be used by embodiments of the present invention. By no meansare these the only types of privacy rules that may be used. According toother embodiments, any suitable designation of a degree of separation,relationship weight, relationship type, profile characteristic, or othersuitable social network attribute may be used to designate a privacyrule.

A “private to a user” privacy rule can indicate that the only member ofthe social network who can view or access the relationship informationis the profile that created the relationship. For example, a member ofthe social network may want to keep relationship information about whothe member is dating completely confidential. In such a situation, themember may use a “private to a user” privacy rule to ensure the datingrelationships are not visible to other members of the social network.

A “neighbors of a group” privacy rule can indicate that members within acertain group, for example a “friends” group, can see other members ofthe same group, but that the members of that group are not visible tomembers outside of the group. For example, in the social network 200,target T's friend member M₂ can be permitted to view friend observer Obut not dating friend M₃.

A “two neighbors of a group” privacy rule can allow members of a groupto act as intermediaries for relationships. For example, profiles with arelationship with a member of a group can be permitted to view othermembers of that group. For example, in the social network 200, member M₄is not directly a friend of target T, but is a friend of member M₂, whois a friend of target T. Therefore, according to a “two neighbors of agroup” privacy rule, member M₄ could be permitted to view target T'srelationship with observer O based on the relationship with intermediarymember M₂.

An “across two different groups” privacy rule can allow members of onegroup to see relationships for members of another group in a one-wayfashion. For example, members of a best friends group can be permittedsee members of an acquaintances group, but members of the acquaintancesgroup can be restricted from seeing the best friends group.

An “across two different groups' two neighbors” privacy rule canfunction similar to the “two neighbors of a group rule” by allowingmembers of one group to see relationships for members of another groupin a one-way manner, but can further allow friends of one group to seerelationships for another group. For example, members of a best friendsgroup and other members with relationships to the members of the bestfriends group can be permitted to see members of an acquaintances group,but not visa versa.

A “public” privacy rule can permit all members of the social network tosee the corresponding relationship or profile information.

Identifying Whether the Privacy Rule is Satisfied

After identifying a privacy rule for a relationship, the privacy rulemodule 184 determines whether the privacy rule is satisfied asillustrated in block 106 of FIG. 1. Since, in one embodiment, privacyrules are controlled by the profile that created the correspondingrelationship, this may involve checking a privacy rule for arelationship from the target T to a related member of the social networkand checking a privacy rule for a relationship from the related memberback to the target T. For example, in FIG. 4, to determine whether theobserver O has permission to view the target T's relationship withmembers M₂ and M₃, one or more relationships from the target T to theobserver O are identified. In the social network 200, this can be therelationship M₂→g_(d)(T)→O, for example.

Once one or more relationships from the target profile T to the observerO are identified, the group or groups forming the relationship areidentified. Identifying the group or groups that make up therelationship from a target profile to an observer profile allows theprivacy rule module 184 to identify the groups which will control accessto the relationship. For example, for the relationship T→g_(d)(T)→O inthe social network 200, the group forming the relationship—or in otherwords the group through which the relationship passes—is the target T'sdating group g_(d)(T). Thus, the privacy rule module 224 will use theprivacy rules for this group in determining whether access torelationships with the target T by the observer O including target T'sdating group g_(d)(T) are permitted.

Because the profile originating a relationship may control access tothat relationship, any relationship information available to theobserver O about the target profile T must at least “pass through” thisgroup. In other words, any relationship with the target profile Tvisible to the observer O must include target T's dating group g_(d)(T).For example, of the first degree relationships listed above for thetarget T, those “passing through” the group g_(d)(T) includerelationships 4-6 listed below:T→g _(d)(T)→O  4.T→g _(d)(T)→M ₃  5.T→g _(d)(T)→g _(c)(T)→M ₁  6.

Note that if the relationship g_(d)(T)→g_(c)(T) between the datingrelationship of the target T and co-workers of the target T did notexist, the relationship T→g_(d)(T)→g_(c)(T)→M₁ between the target T andmember M₁ would not pass through target T's dating group g_(d)(T).

For the relationships that “pass through” the group g_(d)(T), theprivacy rule associated with the group g_(d)(T) will determine in partwhether these relationships are available to the observer O. Forexample, in order for the observer O to be able to access therelationship between the target profile T and profile M₁, the privacyrule for group g_(d)(T) set by the T must allow the access. This canoccur, for example, if T has indicated a “neighbors in a group” privacyrule that allows members of group g_(d)(T) to view other members ofgroup g_(c)(T). For example, the target T may want dating friends to beable to view co-workers, but may not want co-workers to be to view thetarget T's dating friends.

Because the profiles that have relationships with the target T may alsocontrol access to their own relationships with the target T, the privacyrules for the groups connecting the members back to the target must alsoallow access by the observer O. For example, consider the relationshipM₁→g_(c)(M₁)→T between the profile M₁ and the target T. Thisrelationship passes through the co-worker group g_(c)(M₁) for the memberM₁, so the co-worker group g_(c)(M₁) must have a privacy rule allowingaccess to the observer O. For the relationship illustrated in FIG. 2,this means that the privacy rule for the profile M₂ would have toindicate a broad permission, such as a public level privacy rule. Abroad permission privacy rule would be required in this example becausethe profile M₁ is not directly connected to the observer O, and does nothave a relationship that allows it to view the observer's profile—notethat there is no connection from the co-worker group g_(c)(T) of thetarget T to the dating group g_(d)(T) of the target T, but only aone-way connection from g_(d)(T) to g_(c)(T). The practical significanceof this can be seen in that the member M₁ has only indicated a co-workerrelationship with the target T and cannot see target T's dating friends.Member M1 should be able to control who can know he is a co-worker ofthe target T and so can indicate a privacy rule for the group g_(c)(M₁).

That such a rule may be required can thus be consistent with protectingrelationship information since relationship information should generallynot be available to entities that the profile creating the relationshipis unaware of, unless that profile has indicated a broad permissionlevel such as a public level privacy rule for the group making up therelationship. For example, the member M₁ may not consider the group ofco-workers g_(c)(M₁) private and can thus have indicated a broadpermission, by way of a public level privacy rule for example, for theco-worker group allowing it to be accessed by the entire social network.

According to one embodiment, determining whether a privacy rule issatisfied may comprise identifying a union of privacy rules. Forexample, target T has a relationship with observer O by both a datingrelationship and a friendship relationship. When determining a privacyrule for information that observer O is permitted to see regardingrelationships with target T, the privacy rule module 184 can identify aunion of the privacy rules for dating relationships and for friendshiprelationships. For example, target T can indicate that dating friendscan view coworkers but not friendship relationships, and that friendscan view other friends but not coworkers. If the observer O thenrequests relationship information for target T, the observer O will bepermitted to see both the dating relationship with member M₃ and thecoworker relationship with member M₁ because of the union of datingprivacy rules and friendship privacy rules.

Outputting Relationship Information

Referring again to FIG. 1, if the social network engine 180 determinesthat a privacy rule is satisfied, the method 100 proceeds to block 106,wherein the display processor 186 outputs the relationship informationif the access criterion is satisfied 110. Outputting the relationshipinformation if the access criterion is satisfied may compriseselectively outputting relationship information, indicating a secrecystatus for relationship information, outputting a warning for negativerelationships, or other suitable ways of regulating relationshipinformation based on the access criterion.

According to one embodiment, an illustrative user interface 500 as shownin FIG. 5 may be used to output the relationship information. Theillustrative user interface 500 shows a web page similar to the userinterface 300 illustrated in FIG. 3. The illustrative user interface 500shown in FIG. 5 displays a member icon 502, profile data 520, and amember network display 504. The member network display 504 in FIG. 5presents icons representing member M₁ and M₂ that comprise two of theprofiles related to the target T. The member M₃ is also related to thetarget T, but is not shown in FIG. 5 to demonstrate that the member M₃may have indicated a privacy rule preventing observer O from seeing therelationship M₃→g_(d)(M₃)→T. For example, the member M₃ can indicatethat this relationship is private to the member M₃. Thus even though aprivacy rule for the relationship T→g_(d)(T)→M₃ may allow the observer Oto view information for the member M₃, the privacy rule for the memberM₃ may still prevent profile or relationship information from beingpresented to the observer O.

Depending on the privacy rule, relationship information or profile datamay be selectively output. Selectively outputting information cancomprise, for example, outputting information regarding the existence,type, and weight of a relationship and preventing access to remainingrelationship information based on whether the access criterion issatisfied. For example, the social network engine 180 can outputinformation indicating an existence of a relationship between observer Oand the target T, but, depending on the privacy rule for therelationship, may not output information about the type or weight of therelationship. Thus, for example, an output similar to the networkdisplay 504 may be presented showing icons indicating which profileshave relationships with the profile represented by the icon 502, but maynot contain information indicating the type of the relationship.According to one embodiment, sub-classification information—such as alevel of friendship—can be kept private so that a display showing anetwork of a social network member will not reveal thesub-classification of related social network entities. For example, anetwork display can present to an observer all friends of a memberincluding acquaintances, close friends, and best friends of the member,but not reveal to the observer the sub-classifications of the member'sfriends.

Indicating a secrecy status for relationship information may comprise,for example, outputting a designation in connection with relationshipinformation informing a member of the social network viewing therelationship information that the relationship information isconfidential or should be kept a secret. For example, target T may allowobserver O to see that the dating relationship with member M₃ but maynot want the information shared with other members of the socialnetwork. According to one embodiment, the relationship information canthus be displayed along with an indication of its confidential status.This can enable observer O to realize that the dating relationshipbetween the target T and member M₃ is to be kept secret.

Outputting a warning for negative relationships may comprise determiningwhether a relationship with a first profile will also form arelationship between a member and a second profile with which the memberprofile has indicated a negative relationship. For example, target T canindicate a negative relationship indicating, for example, that member M₄is an enemy. Member M₂ can have a relationship with the member M₄ by afriendship relationship as illustrated in the illustrative socialnetwork 200. Member M₂ can further invite target T to form a friendshiprelationship T→g_(f)(T)→M₂ with the member M₂. Because the proposedrelationship with the member M₂ will create a second degree relationshipbetween target T and member M₄ (a friend-of-a-friend relationship), thedisplay processor 186 can output a warning to target T indicating thatthe relationship with member M₂ may also create a relationship withmember M₄ with whom the target T has indicated a negative relationship.

Privacy Rules for Profile Information

In addition to controlling access to relationship information based onprivacy rules for a relationship, the social network engine 180 may alsocontrol access to profile information based on privacy rules.Controlling access to profile information may comprise, for example,selectively outputting profile information, outputting a secrecy statusfor profile information, and other suitable methods of controllingaccess to profile information, such as the methods discussed above forcontrolling access to relationship information. For example, the socialnetwork engine 180 can allow a member to indicate that certain profileinformation, such as a telephone number for example, should only beshared with best friends. The social network engine 180 can thenselectively output the member's telephone number to members that haverelationships with profiles related to target T by a best friend levelof relationship.

According to one embodiment, privacy rules for profile information maybe associated with groups as discussed above in connection withrelationship information. For example, when determining what profileinformation to display for the target T, the privacy rule module 184 canidentify privacy rules for the groups g_(d)(T) and g_(f)(T) that connectprofile T to the observer O. In addition to indicating conditions forsharing relationship information, the privacy rule associated with thegroups g_(d)(T) and g_(f)(T) can also designate which profileinformation is to be displayed to members of the group. For example, thetarget T may indicate a work phone number for the friendship groupg_(f)(T) and a home phone number for the dating friends group g_(d)(T).

Privacy rules for profile information can “flow through” groups in amanner similar to the methods discussed above in connection withrelationship information. For example, the relationship processor canidentify which profile information to present to the observer O for theprofile M₃ by first identifying the relationshipM₃→g_(d)(M₃)→T→g_(d)(T)→O and the relationship M₃→g_(d)(M₃)→T→g_(f)(T)→Oand then identifying the privacy rule for the groups that are part ofthe relationship. Thus, in this example, the privacy rule for the groupg_(d)(M₃) and for the groups g_(d)(T) and g_(f)(T) would determine whichprofile information the observer O can see about profile M₃. So, forexample, the target T may grant permission to access information aboutthe relationship T→g_(d)(T)→M₃, but the member M₃ may only indicate aprivate to a user privacy rule for the group g_(d)(M₃), in which caseprofile information for the member M₃ would not be available to theobserver O.

Denying Access to Relationship and Profile Information

Referring to blocks 106 and 110 of FIG. 1, if the privacy rule module184 determines that the privacy rules controlling the relationship forwhich the observer O has requested information is not satisfied, thenthe display processor 186 can deny the observer O access to therequested information 110. Denying access to the observer O maycomprise, for example, outputting a message that the requestedinformation is not available, not updating a display of the socialnetwork in response to the request, or only outputting allowedinformation and withholding other relationship or profile information.For example, an observer may click on a link representing a target e ina social network. In response to the request, the relationship processor182 identifies all relationships of the target T as discussed above.After identifying these relationships, a privacy rule for each one maybe identified and the privacy rule module 184 can determine whether theprivacy rules are met. If none of the rules are met, the displayprocessor 186 can output an indication to the observer O that noinformation about the requested target is available.

System Architecture

Various systems in accordance with the present invention may beconstructed. FIG. 6 shows an illustrative system in which illustrativeembodiments of the present invention, such as those discussed inconnection with FIGS. 1-5, may operate. The present invention mayoperate, and be embodied in, other systems as well.

The system 600 shown in FIG. 6 comprises multiple client devices 602 a-nin communication with a server device 604 over a network 606. In oneembodiment, the network 606 comprises the Internet. In otherembodiments, other networks, such as an intranet, WAN, or LAN may beused. According to another embodiment, the network 606 may compriseservers attached to the network 606. Moreover, methods according to thepresent invention may operate within a single computer.

The client devices 602 a-n shown in FIG. 6 each comprises acomputer-readable medium, such as a random access memory (RAM) 608coupled to a processor 610. The processor 610 executescomputer-executable program instructions stored in memory 608. Suchprocessors may comprise a microprocessor, an ASIC, and state machines.Such processors comprise, or may be in communication with, media, forexample computer-readable media, which stores instructions that, whenexecuted by the processor, cause the processor to perform the stepsdescribed herein. Embodiments of computer-readable media include, butare not limited to, an electronic, optical, magnetic, or other storageor transmission device capable of providing a processor, such as theprocessor 610 of client 602 a, with computer-readable instructions.Other examples of suitable media include, but are not limited to, afloppy disk, CD-ROM, DVD, magnetic disk, memory chip, ROM, RAM, an ASIC,a configured processor, all optical media, all magnetic tape or othermagnetic media, or any other medium from which a computer processor canread instructions. Also, various other forms of computer-readable mediamay transmit or carry instructions to a computer, including a router,private or public network, or other transmission device or channel, bothwired and wireless. The instructions may comprise code from any suitablecomputer-programming language, including, for example, C, C++, C#,Visual Basic, Java, Python, Perl, and JavaScript.

Client devices 602 a-n may also comprise a number of external orinternal devices such as a mouse, a CD-ROM, DVD, a keyboard, a display,or other input or output devices. Examples of client devices 602 a-n arepersonal computers, digital assistants, personal digital assistants,cellular phones, mobile phones, smart phones, pagers, digital tablets,laptop computers, Internet appliances, and other processor-baseddevices. In general, a client device 602 a may be any type ofprocessor-based platform that is connected to a network 606 and thatinteracts with one or more application programs. Client devices 602 a-nmay operate on any operating system capable of supporting a browser orbrowser-enabled application, such as Microsoft® Windows® or Linux. Theclient devices 602 a-n may include, for example, personal computersexecuting a browser application program such as Microsoft Corporation'sInternet Explorer™, Netscape Communication Corporation's NetscapeNavigator™, and Apple Computer, Inc.'s Safari™

Through the client devices 602 a-n, users 612 a-n can communicate overthe network 606 with each other and with other systems and devicescoupled to the network 606. As shown in FIG. 6, a server device 604 isalso coupled to the network 606.

The server device 604 shown comprises a server executing a socialnetwork engine application program, also known as a social networkengine 180. The social network engine 180 allows users, such as user 612a, to interact with and participate in a social network. As mentionedabove, a social network can refer to a computer network connectingentities, such as people or organizations, by a set of socialrelationships, such as friendship, co-working, or information exchange.Of course, a social network can refer to a computer application or dataconnecting such entities by such social relationships. Examples ofsocial networks include Orkut.com and Friendster.com.

Social networks can comprise any of a variety of suitable arrangements.An entity or member of a social network can have a profile and thatprofile can represent the member in the social network. The socialnetwork can facilitate interaction between member profiles and allowrelationships between member profiles. As discussed above, relationshipsbetween member profiles may be reciprocal relationships. For example, afirst member can invite another member to form a relationship with thefirst member and the other member can accept or reject the invitation. Amember may also categorize or weigh the relationship with other memberprofiles, such as, for example, by assigning a level to therelationship. For example, for a friendship-type relationship, themember can assign a level, such as acquaintance, friend, good friend,and best friend, to the relationships between the member's profile andother member profiles. In one embodiment, the social network engine 180can determine the type of relationship between member profiles,including, in some embodiments, the degree of separation of therelationship and the corresponding weight or level of the relationship.

Similar to the client devices 602 a-n, the server device 604 showncomprises a processor 616 coupled to a computer-readable memory 618.Server device 604, depicted as a single computer system, may beimplemented as a network of computer processors. Examples of a serverdevice 604 are servers, mainframe computers, networked computers, aprocessor-based device, and similar types of systems and devices. Clientprocessor 610 and the server processor 616 may be any of a number ofcomputer processors, such as processors from Intel Corporation of SantaClara, Calif. and Motorola Corporation of Schaumburg, Ill.

Server device 604 further comprises a social network engine 180 withinmemory 618. The social network engine comprises a relationship processor182, a privacy rule module 184, and a display processor 186. Asdiscussed above, the relationship processor 182 can identifyrelationships between entities within a social network. The relationshipprocessor 182 can pass a set of identified relationships to the privacyrule module 184. The privacy module 184 can identify one or more privacyrules for each relationship and can further determine whether anobserver within the social network satisfies the criteria specified bythe privacy rule for accessing information about the correspondingrelationship. A display processor 186 can then cause the output of therelationship information as indicated by the privacy rule.

Server device 604 also provides access to storage elements, such as asocial network storage element, in the example shown in FIG. 6, a userdata datastore 188. The datastore 188 may be used to store profileinformation, or other social network components. Data storage elementsmay facilitate any one or combination of methods for storing data,including without limitation, arrays, hash tables, lists, and pairs.Other similar types of data storage devices can be accessed by theserver device 604. According to one embodiment, privacy rules canreference profile information to allow the display processor 186 toobtain the appropriate profile information to output to an observerwithin a social network. The social network engine 180 can receive datacomprising the profiles and communities from the social network database188 and can also send data comprising communities and profiles to thesocial network database 188 for storage. The social network database 188may be physically attached or otherwise in communication with the socialnetwork engine 180 by way of a network or other connection.

It should be noted that the present invention may comprise systemshaving different architecture than that which is shown in FIG. 6. Forexample, in some systems according to the present invention, serverdevice 604 may comprise a single physical or logical server. The system600 shown in FIG. 6 is merely illustrative, and is used to help explainthe illustrative method shown in FIG. 1.

General

While the above description contains many specifics, these specificsshould not be construed as limitations on the scope of the invention,but merely as exemplifications of the disclosed embodiments. Thoseskilled in the art will envision any other possible variations that arewithin the scope of the invention.

The invention claimed is:
 1. A computer-implemented method comprising:receiving a first request via a communications network from a first userto view a social network information associated with a second user, thefirst user having a first user-established relationship and a seconduser-established relationship with the second user in a social network;Identifying a third user having a third user-established relationshipwith the second user; identifying a first privacy rule associated withthe second user based on the first and third user-establishedrelationships; identifying a second privacy rule associated with thesecond user based on the second and third user-establishedrelationships; determining a third privacy rule based on the firstidentified privacy rule and identified privacy rule; a computerprocessor determining what social network information associated withthe second user to provide to the first user based at least in part onthe third privacy rule; and providing the determined social networkinformation associated with the second user to the first user.
 2. Themethod of claim 1, wherein the third privacy rule is a union of thefirst privacy rule and the second privacy rule.
 3. The method of claim1, further comprising: receiving a second request via the communicationsnetwork from a fourth user to view the social network informationassociated with the second user, the fourth user being connected to thesecond user via a fifth user in the social network; determining whetherthe fifth user can be used as an intermediary for providing the socialnetwork information associated with the second user to the fourth userbased at least in part on relationships between the fourth and fifthusers and between the second and fifth users; responsive to determiningthat the fifth user can be used as the intermediary for providing thesocial network information associated with the second user to the fourthuser, determining a fourth privacy rule associated with the second user;and providing the social network information associated with the seconduser to the fourth user.
 4. The method of claim 1, wherein the thirdprivacy rule specifies that the first user has rights to view the socialnetwork information if one of the first and second user-establishedrelationships has a same type of relationship as the thirduser-established relationship.
 5. The method of claim 1, wherein thesocial network information includes relationship information and profileinformation received from users of the social network.
 6. The method ofclaim 1, further comprising: providing an indication that the first useris not permitted to access the social network information responsive todetermining that the first user does not have rights to access thesocial network information.
 7. The method of claim 1, wherein the thirdprivacy rule specifies that the first user has rights to view the socialnetwork information based in part on degrees of separation of the firstand second user-established relationships.
 8. The method of claim 1,wherein the first user-established relationship is weighted higher thanthe second user-established relationship.
 9. A computer systemcomprising: a database comprising a social network information, whereinthe social network information comprises relationship information andprofile information received from users of a social network; arelationship processor executable to: receive a first request from afirst user to view the social network information associated with asecond user via a communications network, and identify a third userhaving a third user-established relationship with the first second user;a privacy rule module stored in a memory associated with the one or morecomputing devices and executable by the one or more computing devicesto: identify a first privacy rule associated with the second user basedon the first and third user-established relationships, identify a secondprivacy rule associated with the second user based on the second andthird user-established relationships; determine a third privacy rulebased on the first and second privacy rules, and determine whether thefirst user has rights to view the social network information based onthe third privacy rule; and a display processor executable to providethe social network information to the second user via the communicationsnetwork responsive to determining that the first user has the rights toview the social network information.
 10. The system of claim 9, whereinthe third privacy rule is a union of the first privacy rule and thesecond privacy rule.
 11. The system of claim 9, wherein the relationshipprocessor is further executable to receive a second request via thecommunications network from a fourth user to view the social networkinformation associated with the second user, the fourth user beingconnected to the second user via a fifth user in the social network,wherein the privacy rule module is further executable to determinewhether the fifth user can be used as an intermediary for providing thesocial network information associated with the second user to the fourthuser based at least in part on relationships between the fourth andfifth users and between the second and fifth users, and responsive todetermining that the fifth user can be used as the intermediary forproviding the social network information associated with the second userto the fourth user, determine a fourth privacy rule associated with thesecond user, and wherein the display processor is further executable toprovide the social network information associated with the second userto the fourth user.
 12. The system of claim 9, wherein the third privacyrule specifies that the first user has the rights to view the socialnetwork information if one of the first and second user-establishedrelationships has the same type as the third user-establishedrelationship.
 13. The system of claim 9, wherein the firstuser-established relationship is weighted higher than the seconduser-established relationship.
 14. The system of claim 9, wherein thedisplay processor is further executable to provide an indication thatthe first user is not permitted to access the social network informationresponsive to determining that the first user does not have the rightsto access the social network information.
 15. A computer program producthaving a computer-readable non-transitory storage medium havingcomputer-executable instructions, the instructions when executed by aprocessor configured to perform steps comprising: receiving a firstrequest via a communications network from a first user to view a socialnetwork information associated with a second user, the first user havinga first user-established relationship and a second user-establishedrelationship with the second user in a social network; identifying athird user having a third user-established relationship with the seconduser; identifying a first privacy rule associated with the second userbased on the first and third user-established relationships; identifyinga second privacy rule associated with the second user based on thesecond and third user-established relationships; determining a thirdprivacy rule based on the first and second privacy rules; a computerprocessor determining what social network information associated withthe second user to provide to the first user based at least in part onthe third privacy rule; and providing the determined social networkinformation associated with the second user to the first user.
 16. Thecomputer program product of claim 15, wherein the third privacy rule isa union of the first privacy rule and the second privacy rule.
 17. Thecomputer program product of claim 15, further comprising: receiving asecond request via the communications network from a fourth user to viewthe social network information associated with the second user, thefourth user being connected to the second user via a fifth user in thesocial network; determining whether the fifth user can be used as anintermediary for providing the social network information associatedwith the second user to the fourth user based at least in part onrelationships between the fourth and fifth users and between the secondand fifth users; responsive to determining that the fifth user can beused as an intermediary for providing the social network informationassociated with the second user to the fourth user, determining a forthprivacy rule associated with the second user; and providing the socialnetwork information associated with the second user to the fourth user.18. The computer program product of claim 15, wherein the third privacyrule specifies that the first user has rights to view the social networkinformation if one of the first and second user-establishedrelationships has the same type as the third user-establishedrelationship.
 19. The computer program product of claim 15, wherein thesocial network information includes relationship information and profileinformation received from users of a social network.
 20. The computerprogram product of claim 15, wherein the instructions when executed bythe processor are further configured to perform steps comprising:providing an indication that the first user is not permitted to accessthe social network information responsive to determining that the firstuser does not have rights to access the social network information.